2145
2146

HTTP Error Code 418 I'm a Teapot is about to be removed from Node. We've gotta do something. [x-post /r/webdev] (save418.com)

submitted by tyteen4a03

top 200 commentsshow all 346
sorted by:
best
topnewcontroversialoldq&a

[–]andrewcare 553 points554 points  (78 children)

The problem is that it isn't registered with the IANA so it isn't "standard"... so a guy started the process to register it: https://github.com/nodejs/node/issues/14644#issuecomment-321722587

What a beautiful solution to a silly problem.

[–]Fordiman 78 points79 points  (16 children)

Ooh. 420 is available.

420 Man, I dunno.  You wanna hit of this?

[–]marnues 69 points70 points  (13 children)

Many tech workers do not consider it available. Twitter has the de facto standard:

420 - Enhance your Calm

[–]kemitche 32 points33 points  (0 children)

Twitter used/uses it as "you hit your rate limit," but 429 has been made the official code for that.

[–]Fordiman 5 points6 points  (11 children)

I like that. Should be used instead of 5xx errors when Reddit's having trouble keeping up with the comments on a particularly controversial post.

[–]curiousGambler 38 points39 points  (10 children)

I don't think so.

Hitting your rate limit is a client side problem, thus a 4xx code. The server is saying, "hey client, chill out, you're hitting me too often." It doesn't say anything about whether or not the server can handle the request, but rather that server is refusing to do so. If reddit is having trouble handling requests, that's a server side problem, thus a 5xx code.

The difference is basically that a 4xx tells the client to alter their behavior to get a successful response (in this case, make less requests) but a 5xx tells the client that server is having issues out of their control and no alteration of client behavior can be expected to change this fact (in this case, other people are hitting the server so often, it doesn't have the resources for you).

Just my two cents!

[–]tsein 3 points4 points  (5 children)

Should "I'm a teapot" be a 5xx code then? There isn't likely to be anything the client can do to change this.

[–]indrora 23 points24 points  (1 child)

Nope, because 418 is the result of type confusion: The client believes the host is a coffee machine, not a teapot, and has done something which is only valid for a coffee machine.

If the host did something wrong: 5xx. If the client did something wrong, 4xx. If things are nominally OK, 2xx, If things are otherwise OK but need you to look elsewhere, 3xx.

[–]JB-from-ATL 2 points3 points  (0 children)

I'd like to see a 3xx code for redirecting to a nearby coffeepot.

[–]curiousGambler 4 points5 points  (2 children)

I can see where you got that from my explanation. As the other user commented, the change of behavior needed by the client in the case of 418 is to stop trying to call a teapot to make coffee. From the spec:

Any attempt to brew coffee with a teapot should result in the error code "418 I'm a teapot". The resulting entity body MAY be short and stout.

Another confusing case would be 404. The way I said it, that a client should alter behavior to get a success, was misleading, because in the case of a 404 you can't do anything to make a resource stop being Not Found if it simply isn't there. The change in client behavior would be to stop making that request, because there's nothing there. That's still a client problem, not a server one. Similarly, 403 says "stop calling here because you aren't allowed to access this, ever" - sometimes the change in behavior needed by the client is simply to stop trying :)

[–]Losobie 1 point2 points  (0 children)

404 could also be due to lack of permissions, and you can't return anything other than a 404 or else you open up the possibility of an enumeration attack. In that case the client could do something (authenticate) to receive a successful response.

load more comments (1 reply)

    [–]Fordiman 1 point2 points  (1 child)

    "Enhance your calm" doesn't imply anything about a rate limit; that's just how Twitter interprets it.

    [–]curiousGambler 4 points5 points  (0 children)

    I mean, my point still stands that a 4xx code wouldn't be appropriate for the Reddit case you mentioned. I'm not sure how this comment is relevant.

    load more comments (2 replies)

      [–]psydave 4 points5 points  (0 children)

      420 Dave's not here, man.

      load more comments (1 reply)

        [–]mrfrobozz 19 points20 points  (5 children)

        HTTP Status Codes are defined by IETF RFCs, not by IANA. And HTTP "418 I'm a teapot" is defined by an RFC along with modifiers for milk-type, syrup-type, and alcohol-type. It is, sadly, only an informational RFC and not a standard (proposed or otherwise).

        [–]louiswins 7 points8 points  (1 child)

        That's not HTTP. It's HTCPCP.

        [–]mrfrobozz 6 points7 points  (0 children)

        HTCPCP is built-on top of HTTP because

        The web is world-wide. HTCPCP is based on HTTP. This is because HTTP is everywhere. It could not be so pervasive without being good. Therefore, HTTP is good.

        I love this RFC.

        load more comments (3 replies)

          [–]seamustheseagull 4 points5 points  (0 children)

          I mean, I applaud his straightforward approach to it. But asserting it as an actual code so because it would "require major releases" to deprecate it, is a bad solution to a stupid problem.

          When an implementation includes a good feature that falls outside the standards definition, then it's a good idea to consider adding it to the standard.

          When someone hacks a horrible feature into their implementation, you don't include it in the standard.

          In fact, it's more troublesome from a global perspective to include 418 in the standard. Then all of the implementations that didn't hack stupid in-jokes into their code will have to perform major releases to meet the standard, and gain nothing by doing so.

          There are places for in jokes and quiet humour. International standards are not it. Imagine if building standards required that every timber framed house must have a tiny carving of a dragon hidden somewhere inside the walls. That's literally how stupid this proposal is.

          [–]CaptainMuon 105 points106 points  (51 children)

          That is actually harmful. If accepted, the code will really be unusable for other purposes.

          Right now, some frameworks set a funny default message for the unassigned code 418. That can be easily overridden, and if 418 is assigned to something serious later, it is a small change.

          It is ridiculous how people want to bring the spec and the implementation in line at all costs, even by changing the spec. You see that sometimes with compilers, where strange edge cases are not fixed, but written into the spec.

          [–]ChoccyCupcake 230 points231 points  (47 children)

          I think the ship has sailed -- too many systems have already defined 418, as we can see. Also, seeing as there is over half of the 4xx space free, why would anyone choose to use 418, when they know it would be incompatible with several existing systems.

          [–]beejamin 169 points170 points  (39 children)

          Yep - if a single novelty code is going to cause running-out-of-space problems, then we've already got problems.

          Arbitrarily allowing for 100 codes per class seems perhaps short-sighted anyway (though I get why it is that way), but anyway, in practice we're never going run out of 4xx space, are we?

          [–]dada_ 55 points56 points  (5 children)

          Easy, just switch to floats. HTTP Error 406.3892: you must construct additional pylons.

          [–]AberrantRambler 13 points14 points  (2 children)

          And HTTP Error 406.3892000000000000001: Critical System Error

          [–]HeimrArnadalr 55 points56 points  (1 child)

          And HTTP Error 400.30000000000000004: Floating-point Comparison Error

          [–]balefrost 3 points4 points  (0 children)

          ... which sounds completely crazy, until you realize that arithmetic coding is a form of compression where every message can be encoded as a arbitrary-precision number between 0 and 1.

          [–]Divided_Eye 1 point2 points  (0 children)

          Wow, that takes me back.

          [–]Goz3rr 22 points23 points  (29 children)

          Switch to Nxxx if we actually do run out of codes in a class?

          [–]clarle 27 points28 points  (27 children)

          Unfortunately I think there's a lot of code right now that basically does the equivalent of if (statusCode >= 200 && statusCode < 300) return "success!";.

          Changing that would break a lot of existing code out in the wild already. Cost to make sure nothing goes wrong would be near the same amount needed as the Y2K bug, which was like $300 billion worth of work.

          [–]DontBeSpooked-Frank 22 points23 points  (13 children)

          Just do it in the next increment of http. Breaking changes are (informally) expected in that anyway.

          [–]terrible_at_cs50 3 points4 points  (0 children)

          Maybe, but HTTP/2 was a cluster to get to, and most people still use 1.1 (and some poor souls use 1).

          [–]MjrK 1 point2 points  (11 children)

          also, can we change http:// to h://, and change https to s:// ?

          [–]kemitche 4 points5 points  (2 children)

          And yet you leave in the double slash?!?

          [–]doom_Oo7 1 point2 points  (1 child)

          let's use emojis instead of http:// and https:// ! then it will only be a single character.

          • http:// => 🦐www.google.com
          • https:// => 🦃www.google.com

          [–]Blocks_ 3 points4 points  (7 children)

          I'm not a network guy so apologies if this is a stupid question, but how is this beneficial?

          [–]mikelieman 17 points18 points  (3 children)

          Saves bits. Does no-one think of the poor electrons?

          [–]f3lbane 6 points7 points  (2 children)

          Maybe because this guy doesn't know about RFC 1808 and base-URL inheritance?

          Or perhaps he has a RSI and really needs to save 3-4 keystrokes occasionally.

          [–]jaredw 3 points4 points  (7 children)

          It's probably going to happen eventually.

          Look at ipv4 running out. So many people had to implement ipv6 protocols.

          If we make a date to change the standard 10-15 years from now we could spread out the changes enough where if whatever code hasn't made the change 10-15 years from now the code probably isn't going to be used anyway

          [–]balefrost 18 points19 points  (5 children)

          if whatever code hasn't made the change 10-15 years from now the code probably isn't going to be used anyway

          Ah, the optimism of youth.

          [–]marnues 0 points1 point  (0 children)

          IPv6 was created in the 90s. We're past the 15 year mark and there's no end of IPv4 in sight. We can changed most things about computing in a few years, but the network stack is not one of them. Even layer 2, which is ostensibly only concerned with point-to-point, is built around unique mac addresses that are being used by tooling around the world. Thankfully those are big enough that we're not going to run out of them, but we'll want to change it and it's going to take several decades.

          load more comments (5 replies)

            [–]wren337 4 points5 points  (0 children)

            Fractional codes would be the same amount of work or less.

            418.7 I am unplugged

            [–]lllama 13 points14 points  (2 children)

            I like how in one sentence you call something short-sighted and at the same time acknowledge it's practical.

            [–]Cyphr 10 points11 points  (1 child)

            Just because something is short sighted doesn't mean it's not practical. Given the few codes in the range that are defined, 100 isn't an unreasonable number to pick as a starting point.

            [–]psychicsword 7 points8 points  (0 children)

            Change it to a "Success, see response body for details" code. If people stole 418 for custom messaging then it still works and if it returns 418 I'm a Teapot then it is still a historical easter egg.

            [–]CaptainMuon 20 points21 points  (3 children)

            But that's the thing, nobody really does anything with 418. All the code I can see is (pseudocode):

            >>> r = Response(404)
>>> r.body
"HTTP 404: Not found"

>>> s = Response(404, "The page you were looking for was not found")
>>> s.body
"The page you were looking for was not found"

>>> t = Response(419)
>>> t.body
"HTTP 419: Lorem Ipsum Dolor! Please change this default message!"

>>> u = Response(418)
>>> u.body
"HTTP 418: I'm a teapot!"

            It can always be trivially overridden, the message is for consumption by people, not computers anyway, and nobody complains when a default body is generated for other unassigned codes.

            [–][deleted]  (2 children)

            [deleted]

              [–]CaptainMuon 25 points26 points  (1 child)

              Yes, the response code is handled by the browser, but the message or body is usually for humans. You misread my comment.

              With respect to the response code, node.js (server-side) is not doing anything strange. If you ask for 418 or 404, it sends exactly that number. It is just filling in the human-readable part.

              I think the HTTP client code also doesn't handle 418 differently than e.g. 419.

              [–]b4ux1t3 1 point2 points  (0 children)

              To be fair, I thought you meant the code as well. But then, I haven't had my coffee yet.

              load more comments (2 replies)

                [–]rlbond86 8 points9 points  (0 children)

                I don't see the harm of using one code like this. It's already in some implementations, and anyway there are dozens more numbers in the 400 block.

                If we start running out of codes in any block, reclaiming a single code isn't a long-term solution.

                [–]marnues 8 points9 points  (0 children)

                If accepted, the code will really be unusable for other purposes.

                That's the point. We want ridiculous and meaningless error codes. They're a) good for testing and b) good for the soul. There are not 100 meaningful 4xx http error messages, and we shouldn't be looking to expand them. HTTP has enough on its plate.

                load more comments (1 reply)

                  load more comments (2 replies)

                    [–]zom-ponks 582 points583 points  (114 children)

                    Somebody has really got something against a silly error code:

                    https://github.com/nodejs/node/issues/14644

                    https://github.com/golang/go/issues/21326

                    https://github.com/aspnet/HttpAbstractions/issues/915

                    https://github.com/requests/requests/issues/4238

                    I'm indifferent myself, but be as standard-minded as you want, is the removal that pressing...?

                    [–]XANi_ 665 points666 points  (73 children)

                    I think we found most boring man in the universe

                    [–]rezsicsokkentes 220 points221 points  (46 children)

                    As far as I know he's a chairman of the IETF HTTP working group not just a random troll.

                    [–]XANi_ 110 points111 points  (15 children)

                    Which is why I did not call him a troll.

                    [–]SixFootJockey 117 points118 points  (4 children)

                    His github name would save him though.

                    "You're being a troll!"

                    "mnot"

                    [–]myhf 73 points74 points  (2 children)

                    "You're a little teapot!"

                    "mnot"

                    [–]isaacarsenal 47 points48 points  (1 child)

                    "You must be fun at parties"

                    "mnot"

                    [–]ChemicalRascal 21 points22 points  (0 children)

                    "I'm glad to see that you're committed to spending your time fighting for important change in standards and implementations of web protocols."

                    "mnot"

                    [–]sin2pifx 2 points3 points  (0 children)

                    419. Am not.

                    [–]mcguire 17 points18 points  (0 children)

                    You say that like they're incompatible.

                    He's not a random troll. He's a very specific standards committee troll.

                    load more comments (9 replies)

                      [–]duheee 203 points204 points  (26 children)

                      Which makes it worse, in my opinion. He sounds like a very busy man, wtf is this for? Does he want 418 for something? There are plenty of 4xx numbers left.

                      [–]bulldog_swag 86 points87 points  (4 children)

                      Plot twist:

                      .

                      .

                      .

                      .

                      He's a teapot.

                      [–]jigga_wut 78 points79 points  (1 child)

                      Ok Mnot Shamalan

                      [–]ChemicalRascal 7 points8 points  (0 children)

                      No, worse. He's a teapot that can brew coffee, but 418 means that he's not allowed to.

                      load more comments (1 reply)

                        [–]ntldr 27 points28 points  (8 children)

                        He admits that there are still unused status codes in the 4xx range. But his argument is that http will probably be around for a while and in the future we may need the status code.

                        In my opinion, it seems like a lot of work and time just to free up 1 status code that we aren't even sure we'll ever need. Besides, there are still 399 codes unassigned in the range of 600-999.

                        EDIT: fixed the numbers

                        [–]Kamikai 14 points15 points  (4 children)

                        There should be 400 codes still available, the 600s aren’t used for anything either.

                        Granted each set of 100 has a specific meaning, so that still leaves 70+ categories of client side errors available to be assigned in the 400s.

                        [–]czorio 1 point2 points  (2 children)

                        I know next to nothing about the inner workings of HTTP and its related standards, but how hard would it be to, should the need arise, add another character to the status code?

                        ex.: 404 -> 4004/4040

                        This way you'll have x100-x999 available for additional client errors.

                        This being said, I am very aware of the fact that if someone asks "Why don't they just do X or Y?" there usually is a very good reason for things not to be that way.

                        [–]MatthewC529 12 points13 points  (1 child)

                        The most immediate reason is that increasing the status codes by an order of magnitude would break many, many programs.

                        This is mentioned in one of the threads linked to above but many programs assume, quite reasonably so, that doing something like status >= 400 && status < 500 will always indicate a client error according to the spec. Or even more simply status == 404 got checking for Not Found. Making this a dangerous undertaking.

                        mnot's argument makes sense if there was reasonable concern about running out of client error codes. But we still have more than half unregistered.

                        [–]czorio 2 points3 points  (0 children)

                        Allright, thanks!

                        [–]ntldr 0 points1 point  (0 children)

                        Yeah, my mistake.

                        [–]morelore 7 points8 points  (2 children)

                        Here's how I see it: The fundamental problem with exhaustion of the status codes is that there are a limited number of them. We need a protocol redesign that allows arbitrary amounts, or at least bumping the allowed number up a couple orders of magnitude (See IPv4. We could have tried to reclaim some space from 127.*, but it wasn't going to really fix the problem. We needed IPv6 regardless of stopgap measures).

                        The problem with that is we need time to design and implement the new protocol before exhaustion actually causes a problem. So is removing 418 going to be effective as a stopgap?

                        There's 2 scenarios. Either status code usage continues to grow slowly, at the current rate, which is about 1 status code per decade if my napkin math is correct. In that case we've got a couple centuries before we even need to address the issue, and another century or so to cut over to the new system. Plenty of time.

                        The other scenario is that usage grows in bursts. Maybe there's a resurgence in WebDAV style "HTTP+" protocols that extend HTTP. In that case, there needs to be some some classification of codes as "permanently unassigned", so extensions know they're safe for use, or we need the unbounded status codes. In either case, 418 isn't going to be an issue there.

                        If 20 years of actual implementation and deployment - albeit as a joke - isn't enough to get something recognized as a de facto standard, what is?

                        [–]duheee 1 point2 points  (0 children)

                        In that case, there needs to be some some classification of codes as "permanently unassigned", so extensions know they're safe for use

                        This, exactly this. Websocket has that. A bunch of codes (four figures too) that are standard and a ton of them available for applications. Win-win.

                        load more comments (1 reply)

                          [–]xKitey 112 points113 points  (0 children)

                          418 broke his heart and now his sole goal in life is it's abolishment

                          [–]Worse_Username 0 points1 point  (0 children)

                          He mentions in one of the issues that it sets up a precedent for other codes being similarly "squatted" for humorous purposes. Anyway, I'm off to implement a teapot-secure coffeepot controller.

                          load more comments (10 replies)

                            [–]delfinom 0 points1 point  (0 children)

                            Quick, someone submit a RFC to the HTTP working group to make it legitimate.

                            load more comments (2 replies)

                              [–]tigger0jk 16 points17 points  (2 children)

                              The problem though is that the most boring man in the universe is so boring that it's unique and interesting. This is an extensible concept

                              [–]debazthed 54 points55 points  (0 children)

                              He had fun once and hated it.

                              [–]in0de 43 points44 points  (6 children)

                              The guy kind of "famous". IIRC he works for Akamai.

                              Here it is his Wikipedia page: https://en.m.wikipedia.org/wiki/Mark_Nottingham

                              EDIT: Wikipedia already talks about this event. Internet!

                              [–]weedtese 42 points43 points  (4 children)

                              EDIT: Wikipedia already talks about this event. Internet!

                              And now it's been removed. :/

                              weight given to recent event which is really just minor in the scheme of things

                              minor??? we're talking about the fate of the HTCPCP

                              [–]TheCodexx 31 points32 points  (3 children)

                              Wikipedia has been trash for years.

                              It's full of people just like Mark Nottingham who will spend all day arguing for the sake of it.

                              [–]Spajk 1 point2 points  (0 children)

                              someone removed it :/

                              [–]timdorr 4 points5 points  (0 children)

                              "I don't always drink beer. But when I do, I drink Bud Light"

                              [–]NotExecutable 2 points3 points  (0 children)

                              And we should make him a nice, warm cup of tea so he can calm down.

                              [–]mispeeled 2 points3 points  (0 children)

                              A comment from the HttpAbstractions thread: "A HTTP spec return code nobody sees and has use for, and that takes space in a spec. Drives a point home about how idiotic node.js, Go and ASP.net communities are."

                              He's certainly not the only one.

                              load more comments (12 replies)

                                [–]oxenmeat 76 points77 points  (24 children)

                                Standards are important. Look at what a pain IE has been over the years.

                                This may seem trivial, because it is, but slippery slope something something.

                                [–]CSI_Tech_Dept 12 points13 points  (7 children)

                                What should really happen is all the server code should remove this response, but all client code should handle it.

                                I'm behind requests library that choose to keep it.

                                The reason for it is that the design principle of the Internet is that you should be strict when sending data but should be flexible when handling responses.

                                [–]shawnz 5 points6 points  (6 children)

                                The issue isn't about client/server behaviour, the issue is that 418 is not part of the HTTP spec. It could be reserved but that's kind of a waste when it is just a joke error code, and there's only 99 to choose from. Given it is not reserved now, any library that implements it with the teapot meaning might have to change in the future.

                                [–]CSI_Tech_Dept 4 points5 points  (2 children)

                                It's not part of the protocol, but it's being used in the wild. Sysadmins from my previous company for example thought it was funny to use it when blocking spammers.

                                I agree that nothing should be allowed to emit it, but the client code should be able to handle what it receives.

                                load more comments (3 replies)

                                  [–]phantomfive 194 points195 points  (12 children)

                                  The standard says KEEP IT IN.

                                  It is clear this error code is becoming more and more important since the IoT is growing, and we will indeed have connected teapots soon.

                                  [–]oxenmeat 38 points39 points  (10 children)

                                  It isn't part of thr HTTP standard, though.

                                  [–]phantomfive 53 points54 points  (8 children)

                                  I don't know what standard you're reading, but it's THE WRONG ONE

                                  [–]badcommandorfilename 28 points29 points  (3 children)

                                  The second T is for Teapot

                                  Edit: HyperTeapot Transfer Protocol would have been funnier.

                                  [–]amyyyyyyyyyy 8 points9 points  (2 children)

                                  HyperTea TeaPot

                                  [–]jorge1209 11 points12 points  (1 child)

                                  Hot Tea Transfer Pot.

                                  [–]theforemostjack 10 points11 points  (0 children)

                                  HTCPCP?

                                  [–]BrianSkog 3 points4 points  (2 children)

                                  Where's the RFC for HTTPCP? RFC2324 doesn't appear to have any specs for handling shortness and/or stoutness.

                                  EDIT: Found it. As noted below, RFC 7168 addresses the "deficiency of HTCPCP in addressing the networked production of such a venerable beverage as tea"

                                  load more comments (1 reply)

                                    [–]igor_sk 2 points3 points  (1 child)

                                    yeah, such a pain that its inventions (DHTML/DOM, AJAX/XMLHttpRequest) are still used nowadays by all major browsers despite being nonstandard for many years... Everyone should have gone with Netscape's layers, they were obviously superior! (and also nonstandard) /s

                                    Serious question: how many nonstandard extensions does Chrome implement?

                                    [–]hobbledoff 1 point2 points  (0 children)

                                    Javascript, <canvas>, and even <IMG> were also nonstandard at some point. A lot of innovations in the modern web came from nonstandard extensions that later became de facto standards that the w3c and others would adopt. On the other hand, several standards created entirely by the w3c (like MathML or the never finished XHTML 2.0) never even made it off the ground.

                                    load more comments (1 reply)

                                      [–]flexibleinstance 45 points46 points  (5 children)

                                      we need issues to add them all back and maybe include another 420 "Naga stole my bike"

                                      [–]stratoscope 35 points36 points  (2 children)

                                      I want error code 419 "I'm a scammer".

                                      [–]rubygeek 12 points13 points  (1 child)

                                      Given the above, perhaps we need a code for "Closed as pedantic" too.

                                      [–]Sanguistuus 22 points23 points  (1 child)

                                      Enhance your calm

                                      [–]RealJohnAnderton 3 points4 points  (0 children)

                                      ...John Spartan

                                      [–]AnalogOfDwarves 8 points9 points  (3 children)

                                      I'm almost, but not quite, petty enough to want to write a module that will figure out if a request is being sent by this guy and if it is, respond with "418 I'm a teapot and you can't tell me what to do!"

                                      [–]zom-ponks 21 points22 points  (2 children)

                                      You know what would be petty?

                                      Making PRs to projects that don't have 418 to implement it.

                                      [–]jaredw 11 points12 points  (0 children)

                                      Yeah totally petty.

                                      Also petty would be telling me which projects those are so that I could implement that.

                                      Absolutely petty.

                                      Let's do it

                                      load more comments (1 reply)

                                        load more comments (4 replies)

                                          [–]BrianSkog 138 points139 points  (10 children)

                                          Thus, there is a strong, dark, rich requirement for a protocol designed espressoly for the brewing of coffee.

                                          [–]Tofinochris 52 points53 points  (5 children)

                                          There are steep consequences for its removal.

                                          [–]earthboundkid 10 points11 points  (2 children)

                                          I dunno, this moving has been brewing for a while.

                                          [–]Rodalli 3 points4 points  (1 child)

                                          It's obviously a very pressing matter, judging by this post.

                                          [–]0x0123456789ABCDEF 2 points3 points  (0 children)

                                          something something I'd bet a million Starbucks something something

                                          [–]boobsbr 3 points4 points  (2 children)

                                          https://ww.youtube.com/watch?v=9ZxLlirprF0

                                          [–]CaptainMuon 41 points42 points  (2 children)

                                          In what fashion does Node "support" 418? I mean there is no teapot server module that can get an accidental coffee request. Under what circumstances does Node send out 418 (or handle 418 when getting a response)?

                                          Edit: it seems it just sets a default message if you choose status 418 for a response. You can probably easily set your own message body. If it is just this, I don't see any relevance at all. It might as well default to "Hey, this is the default message for HTTP 425!!" for status 425 (I don't know about that code, I'm taking it as a stand-in for an unassigned code). Would somebody complain about that?!

                                          [–]marnues 12 points13 points  (0 children)

                                          It's a useful test code because the default is different. I can throw a 418 and expect a very specific message. That's extremely useful for some people's rapid development.

                                          Further, keeping it as an arbitrary error code means that I can redefine it internally and know that it will never have a meaningful message that I'll need to expose.

                                          load more comments (1 reply)

                                            [–]OrangeredStilton 43 points44 points  (2 children)

                                            Throwing my hat into the ring: as author of RFC 7168, I obviously have a vested interest in error 418 being recognized because the mechanism described in the RFC depends on teapots being able to send that code and brew requesters being able to understand it.

                                            I hacked up a quick tweet and sent an email to the guy at save418, but it seems there should be more I can do...

                                            [–]ocularsinister2 5 points6 points  (0 children)

                                            This is crazy, just as the Internet of things starts taking off they remove this incredibly foresighted piece of functionality?!

                                            load more comments (1 reply)

                                              [–]wild_dog 20 points21 points  (2 children)

                                              Now I'm waiting for an IoT teapot which replies with code 418 to all HTTP requests.

                                              [–]DJDavio 28 points29 points  (0 children)

                                              Well, it could just reply with a valid HTTP code if you ask it to make tea. It only replies 418 if you want coffee.

                                              [–]Ajedi32 8 points9 points  (0 children)

                                              Already been done: http://joereddington.com/418-error-code-teapot/

                                              [–]TheMostInvalidName 88 points89 points  (3 children)

                                              Personally, I really don't care. But it's fun and something cool to remember and share. Just keep it ya know

                                              [–]_zenith 63 points64 points  (2 children)

                                              It's computing cultural heritage! We must keep it.

                                              [–]Distarded 16 points17 points  (1 child)

                                              I didn't know it existed until just now, but I feel strongly about it staying! Also bring back adb hell.

                                              [–]JamieTidman 13 points14 points  (0 children)

                                              /r/britishproblems

                                              [–]cookiengineer 69 points70 points  (19 children)

                                              How do I control my tea machine now? I'm actually using this protocol for brewing my mint tea every day, with ardujs and a teensy USB mainboard.

                                              Please, don't kill my ability to brew tea, it's an important part of my life.

                                              I would actually suggest that we need an extension to the HTTP spec for washing machines and fridges.

                                              [–]Tofinochris 39 points40 points  (16 children)

                                              Washing machines? 413 Payload too large not enough for you?

                                              [–]cookiengineer 34 points35 points  (12 children)

                                              Na, I mean in the sense of verbs like START, STOP, PAUSE, RESUME, SET (for setting instead of getting?) etc.

                                              (now I guess I'm serious) Would be actually quite good to have a simple generic HTTP/1.1 protocol as an alternative to MQTT which is total brainfuck to implement with that QoS pubsub stuff AND requires a message queue to function, which is basically not that good for simple projects. I don't want a docker cloud for transfering data via a 2 client network connection.

                                              Could be something like this:

                                              < HTTPIOT/1.1 200 OK
> START /program/normal_washing.js?temperature=60C

                                              The protocol should not have many verbs, but should allow to transfer both states either as parameters (as previously with GET /url?params=whatever) or try to abstract the states as verbs, so that you could start, stop, and interact with the remote program similar to the RPC idea.

                                              edit:// Even when you would want a publish/subscribe channel for sensors and stuff, you could simply introduce a "SUBSCRIBE /sensors/channel/id" verb so that the data comes now with the response body. This would be far simpler and dead-easy to implement; compared to the MQTT approach. I would leave the encoding part identical to HTTP, so that you can also transparently plug-in your own codecs if you want to go the binary route.

                                              [–]Tofinochris 9 points10 points  (2 children)

                                              I was only having a laugh but your post is bloody good really.

                                              [–]cookiengineer 10 points11 points  (1 child)

                                              I think it's mostly my terrified side from the IoT world. Doing MQTT for around a year now, and I hate the protocol for many design details. It's made for machines, so it's terrible to debug states as a human.

                                              With HTTP you can at least just "dump the traffic somewhere", filter it by ip/connection and write a parser for it so that you can see which data was transferred to what endpoint at what point in time.

                                              That kind of stuff is impossible with a message queue requiring protocol. You end up with buffer overflows, mismatched TCP chunks and false publishes across the whole network and you're like days away from tracing the bug.

                                              Tools like wireshark become pointless because it's not really the "state of the network" as dozens of other things can go wrong with the QoS part or the message queues in between. A false reply from a client for a QoS level 2 packet can seriously damage the network.

                                              [–]Pas__ 4 points5 points  (0 children)

                                              HTTP is nice, that you can always just use tcpdump to see wtf is going where, but that's over because TLS/SSL everywhere and HTTP/2 (which is binary).

                                              Sure, Wieshark has dissectors for everything, but you need the crypto material to be able to decipher things. And it's a lot more inconvenient.

                                              That QoS thing sounds horrifying.

                                              And for state transfer, REST works well.

                                              POST /gadgets/<id>

{
    "action": "start wash",
    "temp": 60,
    "quick_wash": true
}

                                              For pub-sub, you can do use 

                                              GET /gadget/<id>.stream?max_rate_freq=5

                                              and stream chunks.

                                              [–]rubygeek 4 points5 points  (0 children)

                                              There is an IANA registry for new methods

                                              And a section in RFC 7231 about registration

                                              Generally I think they'd be unlikely to be pleased about very specific method registrations, but things like "START" with sufficiently lose semantics maybe.

                                              HTTP/2 also allows more convoluted extensions, such as adding new frame types, new settings and new error codes (see section 5.5 - Extending HTTP/2), but can as far as I can tell also be extended by registering new HTTP verbs as per above, which are passed in the :method pseudo-header.

                                              EDIT: It's worth noting that IETF is mostly volunteers, and you get involved simply by joining mailing lists and participating, so if you want to propose something like this, look for IETF mailing lists on the subject of IOT and see if they're working on any applicable standards and if not, propose one informally and offer to type up a draft. If they are, it's likely better to try to nudge it in the direction you want. This is how most IETF-led standards start out.

                                              [–]StuartPBentley 5 points6 points  (5 children)

                                              We already have verbs for START, STOP, PAUSE, RESUME, and SET: they're called POST, POST, POST, POST, and PUT, respectively. This is HTTP REST we're talking about. You layer your API action resource semantics on top of the transactional ones.

                                              [–]cookiengineer 6 points7 points  (4 children)

                                              RPC != REST. An RPC protocol is meant to be easily implemented transfering states using commands (or methods), while a REST based protocol approach will lead to many dependencies and always abstracts data, not interaction. (thinking of the IoT context and an Arduino client atm).

                                              [–]StuartPBentley 6 points7 points  (3 children)

                                              It sounds like you have a fundamental misunderstanding of what REST entails. Take a look into an API that does RPC operations with REST semantics, like CouchDB's (a specific example off the top of my head would be replication dispatch).

                                              [–]cookiengineer 4 points5 points  (1 child)

                                              I think when talking about REST I have issues with its philosophy of abusing POST, which is not nullipotent and neiter idempotent and therefore needs more checks for all substates on each client's (or server's for that matter) code.

                                              Also, all substates are represented in the form of data, which makes it worse for ultra-low-memory devices, because let's be honest here, an Arduino won't be able to multi-thread or have a memcache daemon running and neither does it have the capabilities of an internal database that is representing those states with the current values.

                                              So from my perspective REST is pretty much ruled out by concept because of missing nullipotent behaviours of the "abused" POST verb. RPC on the other hand has idempotent behaviour, so in my example with the washing machine I would only represent each state by its behaviour (e.g. running = true || false) while with the REST approach I would need much much more complex and nested data structures.

                                              To abstract the argument further I could've also simply used java and SOAP for that. But it just has way too much dependencies to be used for a functional, minimalistic, BASIC-like language. Most machines out there are so low level that you have even no dynamic memory available (e.g. ABB Robots use RAPID, a language very similar to BASIC that only has global or local variables, which can nowhere be stored forever. A "teach panel" will modify the code of the program, and not its memory or variables).

                                              [–]Pas__ 3 points4 points  (0 children)

                                              You don't have to transfer the whole state.

                                              You can use PATCH, and some REST APIs use it, as that's meant for partial updates, not POST.

                                              So you want to modify one part of the state, you send a (partial) modification to the resource that is the representation of that (sub)state. You can be as fine-grained as you wish. You don't have to cache anything as a server, it's up to the clients!

                                              RPC by itself doesn't guarantee idempotency. Quite on the contrary, if you call <remote object>'s do_something() method, it'll do it, which means you have to be careful to not overdo something. (Of course, if you use something like POST /killer_gadgets/<id>/orders { "order": "kill a human" }, then you have to be careful not to send accidentally too many POST requests.)

                                              So, if you specify your protocol to always contain something unique and easily verifiable (like a counter (and to keep in sync you explicitly tell the device that you want the counter to be increased by 1 if it's current value is X), a timestamp (and then of course you need to have a rule about how much time it must pass between orders), or a target ID (but then you need to update/maintain the target DB on the device)), then even resource constrained devices can be made pretty safe.

                                              [–]marnues 0 points1 point  (0 children)

                                              REST is not a necessary standard when doing web APIs. It is considered best practices far many reasons, but it is entirely valid to build RPC based web APIs that would work best with verbs like START and STOP.

                                              That said, I wouldn't do it. I like REST and the built-in ease of seamless architectural changes. But many people would rather think in terms of RPC and that's OK.

                                              [–]bitreign33 0 points1 point  (0 children)

                                              Why not just use POST to a specific resource that accepts a JSON body where you can specify what you're looking to do on that resource? There is no need for more verbs, I already have a hard time getting the latest batch of CompSci geniuses to understand when to use PUT/PATCH/POST.

                                              [–]Almafeta 0 points1 point  (0 children)

                                              I think we're putting more engineering into whitegoods design than most whitegood engineers are allowed to do so.

                                              [–]sac_boy 4 points5 points  (2 children)

                                              In a real sense a teapot is just a washing machine that washes the tealessness out of plain water.

                                              [–]CodeMonkey1 6 points7 points  (1 child)

                                              I was with you until the second half. I would say a teapot is a washing machine that washes the tea out of tea leaves. Then you discard the clean item and consume the dirty water.

                                              [–]sac_boy 2 points3 points  (0 children)

                                              I like it, yeah.

                                              [–]pelrun 2 points3 points  (0 children)

                                              It's not a problem. 418 is only for when you try to ask your teapot to make coffee. If you ask it for tea then you should get a 200.

                                              load more comments (1 reply)

                                                [–]Misio 48 points49 points  (7 children)

                                                All of computing used to be fun like this. Until it was taken from the men with beards by the men with suits.

                                                They'll be after RFC 1149 next. Soulless, joyless, heathens.

                                                [–]Pas__ 4 points5 points  (5 children)

                                                RFC 1149

                                                Uh, there's quite .. a few ... more!

                                                [–]Ouaouaron 13 points14 points  (4 children)

                                                Despite RFC 1149 being posted on April Fools, I feel like it shouldn't even count as a joke as long as something like AWS Snowmobile exists.

                                                [–]Misio 6 points7 points  (1 child)

                                                It's been a long since I've really meant this, but that is so fucking cool.

                                                [–]nemec 4 points5 points  (0 children)

                                                Never underestimate the bandwidth of a station wagon full of tapes hurtling down the highway.

                                                —Andrew Tanenbaum

                                                [–]itsmoppy 3 points4 points  (0 children)

                                                That sounds legit useful actually.

                                                I did some Google and one company that has used it was a satellite imaging firm that moved "approximately 100 PB" (one snowmobile) into the cloud.

                                                That would take 1,000 days to upload at 1 Gbs, assuming 10b=1B and trusting that I can count zeros. I never can.

                                                load more comments (1 reply)

                                                  [–]qutheory 48 points49 points  (2 children)

                                                  Just double checked to make sure it's in Vapor (server side Swift). We'll keep it even if Node takes it out. https://github.com/vapor/engine/blob/master/Sources/HTTP/Status/Status.swift#L213

                                                  [–]flekkzo 5 points6 points  (1 child)

                                                  What happened to 421?

                                                  [–]RainbowGoddamnDash 24 points25 points  (0 children)

                                                  Still recovering from 420, brah.

                                                  [–]sisyphus 39 points40 points  (1 child)

                                                  Talk about a "TEMPEST IN A TEAPOT"! Right? Guys? I'll see myself out.

                                                  [–]theforemostjack 5 points6 points  (0 children)

                                                  Take your upvote on your way.

                                                  [–]RiPont 7 points8 points  (0 children)

                                                  IOT becomes a thing and now they want to do away with 418 - I'm a teapot?

                                                  No! They need to expand it with sub-codes.

                                                  418.1 - I'm an espresso machine

                                                  418.2 - I'm a K-cup machine

                                                  418.3 - I'm a thermostat

                                                  ...

                                                  [–]pubies 5 points6 points  (1 child)

                                                  https://www.google.com/teapot

                                                  [–]exploder1531 6 points7 points  (0 children)

                                                  TIL you can pour tea by rotating your phone.

                                                  [–]i_feel_really_great 12 points13 points  (0 children)

                                                  Fun fact: A nice little microframework I use is named Teapot in its honour.

                                                  https://github.com/zeroflag/Teapot

                                                  [–]marishtar 30 points31 points  (6 children)

                                                  Ironic, given with the IoT becoming a thing, it might have a real use case sometime soon.

                                                  [–]Ouaouaron 10 points11 points  (3 children)

                                                  Something similar might be used, but there's no way a 3-digit error system can include something as specific as "I am a teapot". It'd have to be a general "I am not the requested appliance".

                                                  [–]philipwhiuk 4 points5 points  (1 child)

                                                  I've proposed Wrong Device Type on the Golang issue.

                                                  [–]Ouaouaron 3 points4 points  (0 children)

                                                  It's probably something that should be solved upstream of Golang, though. IoT might call for a whole new protocol, or at least a real extension of HTCPCP.

                                                  [–]Agent-A 2 points3 points  (0 children)

                                                  418: This isn't the device you're looking for

                                                  [–]tryfap 14 points15 points  (0 children)

                                                  Not really.

                                                  [–]HeimrArnadalr 0 points1 point  (0 children)

                                                  Certainly sooner than running out of 4xx responses.

                                                  [–]Typo-Kign 96 points97 points  (24 children)

                                                  All posted by the same guy. What a dick.

                                                  [–]jamrealm 160 points161 points  (17 children)

                                                  To be fair, he isn't just some random internet poster, he's the chairman of the HTTP standard working group.

                                                  He's a technical guy and he is making a technical point.

                                                  [–]Tofinochris 91 points92 points  (4 children)

                                                  But still a miserable, if technical, bastard.

                                                  [–]tarantulus 16 points17 points  (0 children)

                                                  That's kinda his job...

                                                  [–]jamrealm 19 points20 points  (2 children)

                                                  ... The best kind of bastard?

                                                  [–]ryuzaki_lost 6 points7 points  (0 children)

                                                  The true king of north?

                                                  [–]EternallyMiffed 14 points15 points  (0 children)

                                                  The worst kind of bastard.

                                                  [–]Pas__ 8 points9 points  (2 children)

                                                  But it's a moot point. Put it in the standard and carry on. After all, it's a standard by humans for humans, even if it's about machine talk.

                                                  [–]FuckCSS 5 points6 points  (1 child)

                                                  That sounds like a great way to turn a standard into an accumulation of garbage. It's how you get blink tags and javascript.

                                                  [–]Aakumaru 1 point2 points  (0 children)

                                                  No, accepting new garbage and tossing it into the standard would be. This is a carry over from a long time ago and is, frankly, a great old easter egg. #save418 from technical cucks

                                                  [–]TheCodexx 2 points3 points  (0 children)

                                                  The more I read, the more I want him to fail.

                                                  [–]FuckCSS 0 points1 point  (0 children)

                                                  Yes. This should be at the top.

                                                  load more comments (7 replies)

                                                    [–]rox0r 1 point2 points  (0 children)

                                                    All posted by the same guy. What a dick.

                                                    Yeah look how impolite he is:

                                                    Please consider removing support for 418 from Node, since it's not a HTTP status code

                                                    load more comments (5 replies)

                                                      [–]FyreWulff 20 points21 points  (0 children)

                                                      Local Man Hates Fun

                                                      [–]stoutyteapot 2 points3 points  (0 children)

                                                      Me too.

                                                      [–]Enamex 2 points3 points  (0 children)

                                                      Obviously replacing it with HTTP Error Code 419 I'm Groot.

                                                      [–]extremeanger 2 points3 points  (0 children)

                                                      <chant repetitions='1000'>Hell no! 418 must not go!</chant>

                                                      [–]SmashShock[🍰] 2 points3 points  (0 children)

                                                      We did it! The issue is closed.

                                                      [–]poloppoyop 8 points9 points  (0 children)

                                                      https://github.com/nodejs/node/issues/14644#issuecomment-321569208

                                                      it would be trivial to remove should an actual error 418 be added to HTTP

                                                      This whole issue show that no. It would not be trivial. And that's just for Node, as a lot of other servers do it already the day 418 has to be used will be fun.

                                                      [–]deus_lemmus 1 point2 points  (0 children)

                                                      There are applications which actually depend on it that aren't teapots...

                                                      [–]Ratstail91 1 point2 points  (0 children)

                                                      As a teapot, I find this issue quite troubling.

                                                      [–]_georgesim_ 1 point2 points  (0 children)

                                                      I sexually identify as a teapot, so I find this request very offensive.

                                                      [–]bitreign33 2 points3 points  (0 children)

                                                      418 is used in a few lab environments I use, handy for very specific "this is not the resource you're looking for" situations that you don't expect to encounter in prod.

                                                      [–]Pr0methiusRising 6 points7 points  (0 children)

                                                      Personally, I have no sense of humor. Please deprecate and remove before I'm reminded.

                                                      [–]OriginalPostSearcher 2 points3 points  (0 children)

                                                      X-Post referenced from /r/webdev by /u/Kamatotato
                                                      HTTP Error Code 418 I'm a Teapot is about to be removed from Node. We've gotta do something.

                                                      I am a bot. I delete my negative comments. Contact | Code | FAQ

                                                      [–]Tufts_Student -2 points-1 points  (4 children)

                                                      Well, it's a part of the standard and if Node claims to support HTTP, it should keep it implemented as well. What would be nice, however, is removing the code from the standard entirely. I fail to see any value in it, humorous or otherwise, it's just clutter that doesn't belong.

                                                      That said, it doesn't matter either way. There is no shortage of HTTP error codes, and 418 cannot be used anyway due to backwards compatibility issues. Arguing over it is a waste of time, just like that master/slave terminology debate. Last time I checked, webdev has a million issues of greater importance than the teapot code -- maybe, just maybe, we should work on solving them first?

                                                      [–]musketeer925 45 points46 points  (3 children)

                                                      It's not a part of the standard.

                                                      [–]snowe2010 1 point2 points  (2 children)

                                                      it is a much a part of the protocol as HTTP/2 is.

                                                      [–]f0urtyfive 21 points22 points  (1 child)

                                                      I think the point is, it's not valid HTTP/1.1 or HTTP/1.0 or HTTP/2, because the spec 418 I'm a teapot is in uses the HTCPCP/1.0 version so it shouldn't be in the various http packages.

                                                      Not that I think it's worth the time already spent discussing it.

                                                      load more comments (50 replies)